Connection to the Internet for IBM remote support must be in compliance with mitigations specified in the Ports and Protocols and Services Management (PPSM) requirements.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-256891 | HMC0225 | SV-256891r991589_rule | CCI-000366 | high |
| Description | ||||
| Failure to securely connect to remote sites can leave systems open to multiple attacks and security violations through the network. Failure to securely implement remote support connections can lead to unauthorized access or denial of service attacks on theHardware Management Console. | ||||
| STIG | Date | |||
| IBM Hardware Management Console (HMC) Security Technical Implementation Guide | 2024-06-24 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · V2R1 · disa_xccdf · related
Details
Check Text (C-256891r991589_chk)
Have the Network Security Engineer check, that the remote Internet connection for IBM RSF support has met the mitigations outlined in Vulnerability Analysis for port 443/SSL in the PPSM requirements.
Fix Text (F-60509r891018_fix)
Have the Network Security Officer validate that the Internet connection meets the specifications in the PPSM requirements.